Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday

CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...